Enabling network intrusion prevention or browser intrusion prevention

Intrusion prevention is enabled by default. Typically, you should not disable either type of intrusion prevention.
You can enable a log-only mode for browser intrusion prevention to record what traffic it blocks without affecting the client user. You can then use the
Network and Host Exploit Mitigation
attack logs in
Symantec Endpoint Protection Manager
to create exceptions in the
Intrusion Prevention
policy to ignore specific browser signatures. You would then disable log-only mode.
To configure these settings in mixed control, you must also enable these settings in the
Client User Interface Mixed Control Settings
dialog box.
  1. To enable network intrusion prevention or browser intrusion prevention
  2. In the console, open an Intrusion Prevention policy.
  3. On the policy page, click
    Intrusion Prevention
    .
  4. Make sure the following options are checked:
    • Enable Network Intrusion Prevention
      You can also exclude particular computers from network intrusion prevention. See:
    • Enable Browser Intrusion Prevention for Windows
  5. Click
    OK
    .